Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2021
Ran by o (administrator) on DESKTOP-BAS7282 (MSI MS-7971) (13-05-2021 10:11:21)
Running from C:\Users\o\Downloads
Loaded Profiles: o
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [164808 2021-05-05] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2671679121-1364000227-736312402-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [Spotify] => C:\Users\o\AppData\Roaming\Spotify\Spotify.exe [22151072 2020-03-03] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\MountPoints2: {27c10510-1eac-11e8-a65c-4ccc6a63ea7c} - "F:\Lenovo_Suite.exe" 
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\MountPoints2: {6a1adf00-6ae9-11eb-b4b1-4ccc6a63ea7c} - "F:\Lenovo_Suite.exe" 
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\WINDOWS\system32\hpinkstsEE11LM.dll [383496 2015-09-01] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2018-08-06]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {38698A46-40C8-4BE2-84A8-4F8E081CEAC4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {83A11FF9-2712-46E1-A4AD-8FBE7E89A8FA} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2671679121-1364000227-736312402-1003 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {908F6C75-3F37-44AC-9B6F-7512DA2DE27E} - System32\Tasks\HPCustParticipation HP DeskJet 5820 series => C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPCustPartic.exe [6104720 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {980BE6C9-83BA-4AD7-9157-A01F67784BBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C066B677-8C84-4DCF-913E-D5C0BEA2829D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-05] (Google Inc -> Google Inc.)
Task: {C862ED55-18CC-4325-9006-90C178378B7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {CC3B15F9-3A5C-4A7C-9EE1-604E5BF343C3} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D0507455-93B6-4896-9EBB-985B7CADA3BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {DC4A9419-1158-460E-A820-E03A771653A9} - System32\Tasks\HPPrintMonitorService => C:\Program Files (x86)\HP\Diagnostics\PrintMonitorService\HPPrintMonitorService.exe [73224 2020-10-13] (HP Inc. -> )
Task: {E7DF2A2A-E524-4370-BB02-B212AFD161E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-05] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 85.93.160.254 85.93.160.118
Tcpip\..\Interfaces\{7ca960af-b27a-4434-a2b9-ddc5ddff558b}: [DhcpNameServer] 85.93.160.254 85.93.160.118

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-13]

FireFox:
========
FF DefaultProfile: epktbmwu.default
FF ProfilePath: C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default [2021-05-13]
FF Homepage: Mozilla\Firefox\Profiles\epktbmwu.default -> hxxps://atlas.centrum.cz/?redirected=1533474501
FF Notifications: Mozilla\Firefox\Profiles\epktbmwu.default -> hxxps://www.urbanstore.cz; hxxps://messages.android.com; hxxps://sport.aktualne.cz; hxxps://messages.google.com; hxxps://www.premiumsports.cz; hxxps://www.nej-ceny.cz; hxxps://www.viry.cz
FF Extension: (AdBlocker Ultimate) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default\Extensions\adblockultimate@adblockultimate.net.xpi [2020-12-07]
FF Extension: (Forget Me Not - Forget cookies & other data) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default\Extensions\forget-me-not@lusito.info.xpi [2020-05-25]
FF Extension: (HTTPS Everywhere) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default\Extensions\https-everywhere@eff.org.xpi [2021-04-15]
FF Extension: (Privacy Badger) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-02-03]
FF Extension: (Video DownloadHelper) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-17]
FF Extension: (No Name) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Extension: (No Name) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\epktbmwu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-05-13]

Chrome: 
=======
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\Default [2021-05-13]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://messages.google.com; hxxps://www.global-sport.cz; hxxps://www.semena-marihuany.cz
CHR Extension: (Prezentace) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-05]
CHR Extension: (Dokumenty) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-05]
CHR Extension: (Disk Google) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-05] (ESET, spol. s r.o. -> ESET)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [284808 2021-02-05] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169400 2021-04-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [112576 2021-04-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [192624 2021-04-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43832 2021-04-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70160 2021-04-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107400 2021-04-28] (ESET, spol. s r.o. -> ESET)
S3 leusbser; C:\WINDOWS\System32\drivers\leusbser.sys [238080 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 umpusbwin8; C:\WINDOWS\system32\DRIVERS\umpusbvista.sys [107960 2021-03-01] (SHIMANO INC. -> SHIMANO INC)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 10:11 - 2021-05-13 10:11 - 000016708 _____ C:\Users\o\Downloads\FRST.txt
2021-05-13 10:10 - 2021-05-13 10:10 - 002299392 _____ (Farbar) C:\Users\o\Downloads\FRST64.exe
2021-05-13 09:26 - 2021-05-13 09:26 - 000020365 _____ C:\Users\o\Downloads\log.zip
2021-05-12 07:38 - 2021-05-12 07:38 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-11 14:48 - 2021-05-11 15:27 - 000000000 ____D C:\KVRT2020_Data
2021-05-11 08:34 - 2021-05-13 09:17 - 000000000 ____D C:\rsit
2021-05-11 08:34 - 2021-05-11 09:45 - 000000000 ____D C:\Program Files\trend micro
2021-05-11 08:33 - 2021-05-11 08:33 - 001222144 _____ C:\Users\o\Downloads\RSITx64.exe
2021-05-11 07:22 - 2021-05-11 07:22 - 000058396 _____ C:\WINDOWS\system32\cc_20210511_072244.reg
2021-05-07 09:52 - 2021-05-07 09:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-07 06:54 - 2021-05-08 06:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-01 18:09 - 2021-05-01 18:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-01 18:09 - 2021-05-01 18:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-01 18:09 - 2021-05-01 18:09 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-01 18:09 - 2021-05-01 18:09 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-01 18:09 - 2021-05-01 18:09 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-01 18:09 - 2021-05-01 18:09 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-01 18:08 - 2021-05-01 18:08 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-01 18:08 - 2021-05-01 18:08 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-01 18:08 - 2021-05-01 18:08 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-01 18:08 - 2021-05-01 18:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-01 18:08 - 2021-05-01 18:08 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-29 13:03 - 2021-04-29 13:03 - 000085827 _____ C:\Users\o\Documents\OckovaciCertifika huy3hf89j4.zip
2021-04-29 12:57 - 2021-04-29 12:57 - 000085638 _____ C:\Users\o\Documents\ye2am5qq58.zip
2021-04-15 07:41 - 2021-04-15 07:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 10:11 - 2019-01-15 17:30 - 000000000 ____D C:\FRST
2021-05-13 10:09 - 2019-02-05 11:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-13 10:08 - 2016-12-16 16:46 - 000000000 ____D C:\Users\o\AppData\LocalLow\Mozilla
2021-05-13 10:07 - 2020-11-02 17:55 - 000000000 ____D C:\Users\o\AppData\Roaming\WhatsApp
2021-05-13 10:07 - 2020-08-19 18:15 - 000000000 ____D C:\Users\o\AppData\Roaming\eM Client
2021-05-13 10:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-13 09:56 - 2020-07-29 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-13 08:44 - 2018-08-05 10:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-13 07:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 07:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-13 07:31 - 2018-08-05 16:13 - 000000000 ____D C:\Program Files\CCleaner
2021-05-13 07:05 - 2020-07-29 18:29 - 001693200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-13 07:05 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-13 07:05 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-13 07:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-13 06:58 - 2020-07-29 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 06:58 - 2020-07-29 18:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-13 06:58 - 2018-08-05 10:15 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2021-05-12 18:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-12 09:24 - 2020-07-29 18:30 - 000003786 _____ C:\WINDOWS\system32\Tasks\HPPrintMonitorService
2021-05-12 07:41 - 2020-07-29 18:25 - 000303640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 07:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 07:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 07:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 06:32 - 2016-12-05 10:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-12 06:26 - 2018-08-05 17:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 06:24 - 2018-08-05 17:39 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 14:58 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-11 14:24 - 2018-08-30 10:31 - 000000000 ____D C:\Users\o\Documents\Platby od 8. 2018 a důležité zprávy
2021-05-11 13:03 - 2018-08-05 16:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-11 13:03 - 2018-08-05 16:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-08 10:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-08 06:47 - 2020-06-08 07:27 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-08 06:47 - 2020-06-08 07:27 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-08 06:33 - 2020-11-02 17:55 - 000000000 ____D C:\Users\o\AppData\Local\WhatsApp
2021-05-08 06:32 - 2018-08-05 15:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-07 09:52 - 2018-08-05 15:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-02 06:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-01 18:26 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-01 18:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-01 18:11 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-04-29 12:48 - 2020-07-29 18:30 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2671679121-1364000227-736312402-1003
2021-04-29 12:48 - 2020-07-29 13:54 - 000002349 _____ C:\Users\o\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-29 12:48 - 2016-12-16 16:11 - 000000000 ___RD C:\Users\o\OneDrive
2021-04-28 18:08 - 2018-07-12 14:22 - 000192624 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-04-28 18:08 - 2018-07-12 14:22 - 000169400 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-04-28 18:08 - 2018-07-12 14:22 - 000112576 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-04-28 18:08 - 2018-07-12 14:22 - 000107400 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-04-28 18:08 - 2018-07-12 14:22 - 000070160 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-04-28 18:08 - 2018-03-30 17:23 - 000043832 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-04-26 06:41 - 2020-07-29 18:30 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 06:41 - 2020-07-29 18:30 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-23 06:26 - 2018-08-06 16:15 - 000000000 ____D C:\Users\o\AppData\Local\SquirrelTemp
2021-04-22 18:23 - 2021-02-21 18:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 17:29 - 2020-07-29 13:54 - 000000000 ____D C:\Users\o
2021-04-21 12:34 - 2020-07-29 18:30 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 12:34 - 2020-07-29 18:30 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 16:53 - 2020-07-29 18:30 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-15 07:59 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-15 07:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-15 07:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-15 07:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-15 07:41 - 2020-07-29 18:28 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories ========

2019-02-09 11:09 - 2020-11-05 13:25 - 000003584 _____ () C:\Users\o\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-06-08 17:23 - 2020-06-08 17:23 - 000000917 _____ () C:\Users\o\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================